Not So Funny: Cracked Humor Site Serves Drive By Malware

November 27, 2013 | By Kevin Judge

Something funny was going on at the Cracked Humor web site recently, and many site visitors were not amused.Recently, the humor website Cracked.com became was the unwitting host to malicious content for more than two days. Visitors to the website were exposed to a trojan virus that may have allow malware into their.

People who visited the website recently are being encouraged to scan their computers completely using antivirus and firewall tools to be on the safer side. Barracuda labs which found this issue reported that the malware was a drive by download which could have infected thousands already because of the massive user base the Cracked website has. Globally the website holds a 654 rank and is in 289th place in USA which makes it extremely popular.

Once again, it is the Javascript that has been exploited in this attack. The issue found in the JV script allowed attackers to access cracked dot com domain and make use of the iframe found in it. Malicious pdf, documents and html files were transferred to the visitor’s computer as soon as they entered the website domain. Putting Internet security to risk, such malware may even lead to ransomware where they will take hold of your computer and demand money before releasing access to important data. Once they have managed to access your system using such infected website, the attacker may choose to upload more malware into the affected machines which will then act as a host in distributing those malicious codes to more computers on the web. This is a circular and interwined network that security firms are trying to bring under control.

More malware details have been detailed in the security firm’s page. As of now, the website developers of Cracked dot com didn’t officially accept the claim but they are working to fix the malware issue at the earliest. Over 46 malware engines were detected on the website. The firm confirms that even though, attackers targeted the website about ten days ago, it is not fixed. It continues to play host to a series of malware and require serious scanning before the public can access it again. Similar attacks on multiple websites is common nowadays threatening Internet security and experts are looking to find solid ways to fight back.

Be part of an IT community with thousands of subscribers. Get the latest news, blogs, and thought leadership articles. Subscribe now